package nccloud.sso.filter;

import java.io.IOException;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.util.HashMap;
import java.util.Map;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import nc.bs.logging.Logger;
import nccloud.sso.util.DesUtil;

public class AESSecurityFilter extends HttpFilter {

	/**
	 * 
	 */
	private static final long serialVersionUID = 1L;

	@Override
	protected void doFilter(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
			throws IOException, ServletException {
		try {
			String token = request.getParameter("token"); 
			if (token != null) {//单点登录解码+校验
				token = token.replace(" ", "+");
				//暂时去掉解密处理
//				String[] array = AESUtil.decode(token).split("\\|");
//				String[] array = token.split("\\|");
//				if (!isValidity(request.getParameter("usercode"), request.getParameter("ts"),array)){ 
//					throw new IllegalAccessError("非法访问！");
//				}
				String ssokey = request.getParameter("ssokey"); 
				if (!DesUtil.KEY.equals(ssokey)){
					throw new IllegalAccessError("非法ssokey访问！");
				}
				request.setAttribute("usercode", request.getParameter("usercode"));
			}else {
				//参数解码
				String referer = request.getHeader("Referer"); 
//				String apprparam = request.getParameter("apprparam");
//				apprparam = apprparam.replace(" ", "+");
//				//暂时去掉解密处理
////				String[] param = DesUtil.decrypt(apprparam).split("&");
//				String[] param = apprparam.split("&");
//				
//				Map<String,String> paraMap = new HashMap<String,String>();
//				if(param!=null && param.length>0){
//					for(int i=0;i<param.length;i++) {
//						String [] array = param[i].split("=");
//						if(array!=null && array.length>1){
//							paraMap.put(array[0], array[1]);
//						}
//					}
//				}
				request.setAttribute("srcType", referer == null ? 1 : 2);
				request.setAttribute("pk_message", request.getParameter("pk_message"));
				request.setAttribute("pk_bill", request.getParameter("pk_bill"));
				request.setAttribute("c", request.getParameter("c")); 
				request.setAttribute("p", request.getParameter("p"));
				request.setAttribute("tradetype", request.getParameter("tradetype"));
				request.setAttribute("usercode", request.getParameter("usercode"));
			}
			chain.doFilter(request, response);
		} catch (Exception e) {
			response.setStatus(403);
			this.recordError(e);
		}
	}

	/**
	 * 校验token（仅限与单点登录） token 组成 usercode +"|"+ts+"|"+盐值
	 * 
	 * @param usercode
	 * @param ts
	 * @param _params
	 * @return
	 */
	private boolean isValidity(String usercode, String ts, String[] _params) {
		return usercode != null && usercode.equals(_params[0]) && ts != null && ts.equals(_params[1])
				&& DesUtil.KEY.equals(_params[2]);
	}

	/**
	 * 错误日志记录
	 * 
	 * @param e
	 * @param param
	 */
	private void recordError(Exception e) {
		Logger.error("SSO::AESSecurityFilter.doFilter");
		Logger.error(e.getMessage());
		Logger.error("SSO::调用栈");
		StringWriter sw = new StringWriter();
		e.printStackTrace(new PrintWriter(sw, true));
		Logger.error(sw.getBuffer().toString());
	}
}
